add expire times

This commit is contained in:
Valentin CZERYBA 2022-05-15 13:35:21 +02:00
parent 83d7ec19bc
commit 6c3cf5b92c

View File

@ -40,16 +40,20 @@ public class TokenRessource {
@GET @GET
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
public Response getUserName(@HeaderParam("Authorization") String auth, @CookieParam("jwt") String jwtCookie) { public Response getUserName(@HeaderParam("Authorization") String auth, @CookieParam("user") String user, @CookieParam("jwt") String jwtCookie) {
String name = "anonymous"; String name = "anonymous";
String password = ""; String password = "";
if(auth == null){ if(auth == null){
if(user == null){
return Response.status(Response.Status.BAD_REQUEST).build(); return Response.status(Response.Status.BAD_REQUEST).build();
} else {
name = new String(Base64.decode(user), StandardCharsets.UTF_8);
} }
} else {
String[] hash = new String(Base64.decode(auth.split(" ")[1]), StandardCharsets.UTF_8).split(":"); String[] hash = new String(Base64.decode(auth.split(" ")[1]), StandardCharsets.UTF_8).split(":");
name = hash[0]; name = hash[0];
password = Hash.encryptSHA512(hash[1]); password = Hash.encryptSHA512(hash[1]);
}
UsersEntity users = UsersEntity.findByPseudo(name); UsersEntity users = UsersEntity.findByPseudo(name);
if (users == null){ if (users == null){
return Response.status(Response.Status.NOT_FOUND).build(); return Response.status(Response.Status.NOT_FOUND).build();
@ -62,7 +66,8 @@ public class TokenRessource {
String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(users.roles).claim(Claims.kid, users.id.toString()).expiresIn(Duration.ofMinutes(1)).sign(); String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(users.roles).claim(Claims.kid, users.id.toString()).expiresIn(Duration.ofMinutes(1)).sign();
// or create a JWT token encrypted using the 'A256KW' algorithm // or create a JWT token encrypted using the 'A256KW' algorithm
// Jwt.upn("alice").encryptWithSecret(secret); // Jwt.upn("alice").encryptWithSecret(secret);
return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie)).build(); String nameEncoded = Base64.toBase64String(name.getBytes(StandardCharsets.UTF_8));
return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie), new NewCookie("user", nameEncoded)).build();
} }
// All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized.
try { try {